And just last Thursday, we’ve been seeing reports that registered owners of PlayStation and PSP can now enable this new security feature the next time they log in. This is wonderful news, indeed, and can be considered another win for security as we continue to see companies of all sizes take security concerns seriously and actually do something about it. Better late than never, right?

Enabling 2FA is pretty comprehensive to follow albeit a tad long-winded—at least as far as the browser set up is concerned. One can start off by clicking the orange button on this PlayStation page. Users are directed to a login page, if they’re not logged in already, where they can key in their credentials. Once in, they see this:

Change status to “Active” by clicking the first “Edit” button, which then changes a section of the page to show a 2-step instruction on how to sign in with 2FA:

To sign in with 2-step verification:(1) Enter your Sign-in ID and password.(2) Check your mobile phone for a text message about your Sony Entertainment
Network account. Enter the code from the text message when you are prompted
during the sign-in process.

The “Activate” button, however, opens the “oh, by the way” section for PS3, PS Vita, PSP, and Xperia users:

To securely sign in on PlayStation 3, PlayStation Vita, PSP and some mobile
devices:

You will not use a verification code. Generate a device setup password and
use it instead of your account password the next time you sign in.

Click “Continue” to open the section asking for the user’s mobile number:

All your verification codes will be sent as text messages to this number.This information will be used in accordance with the privacy policy.

After selecting their country, entering their number, and clicking the “Continue” button, the site then asks for the user’s password for verification purposes. Supplying this correctly then prompts the network to send the number a 6-character, alpha-numeric code that a user enters to the provided text box displayed below:

Clicking “Verify” concludes the activation process. The next section is merely a confirmation for users that their account already has 2FA enabled. Notice the pre-ticked box that allows the auto-sign out of users from the Sony/PlayStation Network. As we have mentioned before, closing browser tabs and leaving accounts logged in can increase the likelihood of savvy bad actors accessing login information from session cookies. As you can see, this is another simple, security measure provided by the network that could save users a lot of headache.

You can change your security settings at any time by going to [2-Step
Verification].

Users also receive an SMS stating the same confirmation message.

We go back to the first page of the 2-Step Verification process above and have found that two additional options are now available: Device Setup Password and Backup Codes, as seen below:

We encourage users to check out these options as well, as these may further aid them in fully taking advantage of PSN’s new security feature.

Lastly, we encourage users to read through PSN’s help page to know more about 2FA and how it works within the network.

May 4, 2018 - A recent error caused passwords to be exposed internally at Twitter. As a precaution, they're advising all users to change their passwords. Read on to find out what happened, and what you can do about it.